"People have a really hard time understanding URLs," Adrienne Porter Felt, an engineering manager on Chrome's security team, said in a Wired interview published in conjunction with Chrome's 10th anniversary on Tuesday. "We we want to move toward a place where web identity is understandable by everyone -- they know who they're talking to when they're using a website and they can reason about whether they can trust them ... It's important we do something, because everyone is unsatisfied by URLs. They kind of suck."

It isn't surprising Google wants to fix the problems of URL addressing. But changing something built this deeply into the web is hard. It could be that URLs are more like what Winston Churchill said about democracy: the worst option out there, except for all the others.

And it isn't clear exactly what the team has in mind, but Porter Felt tweeted on Tuesday, "People don't look at them when they ought to. And when they do, they don't know which part to look at. We are exploring ways of drawing attention to the right identity indicators at the right times."

URLs are a security problem since carefully crafted but bogus URLs can fool people into thinking they're visiting a legitimate website where they enter passwords or other sensitive information.

URLs have lots of elements. Among them: the HTTPS label that indicates a private, tamper-proof connection between your browser and a website; broad and detailed address information for the specific page; and an infinite number of possible parameters used for everything from passing a search query to Google to tracking your presence as you move around the web. URLs can be far longer than even a wide-screen browser can show, and stuffed with alphanumeric gobbledygook that even web browsers find difficult to understand.

Porter Felt knows change will be controversial. "That's one of the challenges with a really old and open and sprawling platform," she told Wired.

In the Chrome address box's "resting state" -- in other words, when you aren't typing in it or otherwise interacting -- Google now hides the HTTP or HTTPS prefix and strips out website domain qualifiers like the initial "m." that indicates a website geared for mobile devices. That's because long web addresses can be confusing, especially to people new to the web.